English
Related papers

Related papers: Anomaly Detection in Log Data using Graph Database…

200 papers

In the last decade, a new class of cyber-threats has emerged. This new cybersecurity adversary is known with the name of "Advanced Persistent Threat" (APT) and is referred to different organizations that in the last years have been "in the…

Cryptography and Security · Computer Science 2018-10-18 Giuseppe Laurenza , Riccardo Lazzeretti , Luca Mazzotti

Cyberthreats are a permanent concern in our modern technological world. In the recent years, sophisticated traffic analysis techniques and anomaly detection (AD) algorithms have been employed to face the more and more subversive adversarial…

Machine Learning · Computer Science 2022-05-17 Paul Irofti , Andrei Pătraşcu , Andrei Iulian Hîji

Advanced Persistent Threats (APTs) pose a significant challenge in cybersecurity due to their stealthy and long-term nature. Modern supervised learning methods require extensive labeled data, which is often scarce in real-world…

Machine Learning · Computer Science 2025-11-26 Sidahmed Benabderrahmane , James Cheney , Talal Rahwan

In Advanced Persistent Threat (APT) attacks, achieving stealthy persistence within target systems is often crucial for an attacker's success. This persistence allows adversaries to maintain prolonged access, often evading detection…

Cryptography and Security · Computer Science 2026-05-14 Qi Liu , Muhammad Shoaib , Mati Ur Rehman , Kaibin Bao , Veit Hagenmeyer , Wajih Ul Hassan

As Advanced Persistent Threats (APTs) grow increasingly sophisticated, the demand for effective detection methods has intensified. This study addresses the challenge of identifying APT campaign attacks through system event logs. A cascading…

Cryptography and Security · Computer Science 2024-10-31 Yi-Ting Huang , Ying-Ren Guo , Guo-Wei Wong , Meng Chang Chen

In modern world the importance of cybersecurity of various systems is increasing from year to year. The number of information security events generated by information security tools grows up with the development of the IT infrastructure. At…

Cryptography and Security · Computer Science 2025-06-17 Evgeniy Eremin

Anomalies represent rare observations (e.g., data records or events) that deviate significantly from others. Over several decades, research on anomaly mining has received increasing interests due to the implications of these occurrences in…

Machine Learning · Computer Science 2022-04-21 Xiaoxiao Ma , Jia Wu , Shan Xue , Jian Yang , Chuan Zhou , Quan Z. Sheng , Hui Xiong , Leman Akoglu

Graph modeling allows numerous security problems to be tackled in a general way, however, little work has been done to understand their ability to withstand adversarial attacks. We design and evaluate two novel graph attacks against a…

Cryptography and Security · Computer Science 2017-08-31 Yizheng Chen , Yacin Nadji , Athanasios Kountouras , Fabian Monrose , Roberto Perdisci , Manos Antonakakis , Nikolaos Vasiloglou

Anomaly detection is a crucial task in complex distributed systems. A thorough understanding of the requirements and challenges of anomaly detection is pivotal to the security of such systems, especially for real-world deployment. While…

Cyber attacks are often identified using system and network logs. There have been significant prior works that utilize provenance graphs and ML techniques to detect attacks, specifically advanced persistent threats, which are very difficult…

Cryptography and Security · Computer Science 2023-11-13 Sihat Afnan , Mushtari Sadia , Shahrear Iqbal , Anindya Iqbal

Graph Neural Networks (GNNs) have gained traction in Graph-based Machine Learning as a Service (GMLaaS) platforms, yet they remain vulnerable to graph-based model extraction attacks (MEAs), where adversaries reconstruct surrogate models by…

Machine Learning · Computer Science 2025-03-24 Zhan Cheng , Bolin Shen , Tianming Sha , Yuan Gao , Shibo Li , Yushun Dong

Advanced persistent threat (APT) attacks remain difficult to detect due to their stealth, adaptability, and use of legitimate system components. Provenance-based intrusion detection systems (PIDS) offer a promising defense by capturing…

Cryptography and Security · Computer Science 2026-05-11 Robin Buchta , Carsten Kleiner , Felix Heine , Gabi Dreo Rodosek

This paper presents PULSAR, a framework for pre-empting Advanced Persistent Threats (APTs). PULSAR employs a probabilistic graphical model (specifically a Factor Graph) to infer the time evolution of an attack based on observed security…

Cryptography and Security · Computer Science 2019-03-22 Phuong Cao

Attack graphs (AGs) are graphical tools to analyze the security of computer networks. By connecting the exploitation of individual vulnerabilities, AGs expose possible multi-step attacks against target networks, allowing system…

Cryptography and Security · Computer Science 2025-08-19 Ming Li , John Hale

Advanced Persistent Threat (APT) attacks are highly sophisticated and employ a multitude of advanced methods and techniques to target organizations and steal sensitive and confidential information. APT attacks consist of multiple stages and…

Cryptography and Security · Computer Science 2023-09-18 Huynh Thai Thi , Ngo Duc Hoang Son , Phan The Duy , Nghi Hoang Khoa , Khoa Ngo-Khanh , Van-Hau Pham

Despite its technological benefits, Internet of Things (IoT) has cyber weaknesses due to the vulnerabilities in the wireless medium. Machine learning (ML)-based methods are widely used against cyber threats in IoT networks with promising…

Cryptography and Security · Computer Science 2022-10-11 Zhiyan Chen , Jinxin Liu , Yu Shen , Murat Simsek , Burak Kantarci , Hussein T. Mouftah , Petar Djukic

Attack graphs are a powerful tool for security risk assessment by analysing network vulnerabilities and the paths attackers can use to compromise network resources. The uncertainty about the attacker's behaviour makes Bayesian networks…

Cryptography and Security · Computer Science 2016-11-07 Luis Muñoz-González , Daniele Sgandurra , Martín Barrère , Emil Lupu

A cyber-attack is a malicious attempt by experienced hackers to breach the target information system. Usually, the cyber-attacks are characterized as hybrid TTPs (Tactics, Techniques, and Procedures) and long-term adversarial behaviors,…

Cryptography and Security · Computer Science 2021-12-17 Mingqi Lv , Chengyu Dong , Tieming Chen , Tiantian Zhu , Qijie Song , Yuan Fan

In the Internet of Things (IoT) devices are exposed to various kinds of attacks when connected to the Internet. An attack detection mechanism that understands the limitations of these severely resource-constrained devices is necessary. This…

Cryptography and Security · Computer Science 2017-01-25 Nidhi Rastogi , James Hendler

Anomaly detection is a critical task in cybersecurity, where identifying insider threats, access violations, and coordinated attacks is essential for ensuring system resilience. Graph-based approaches have become increasingly important for…

Cryptography and Security · Computer Science 2026-03-31 Laura Jiang , Reza Ryan , Qian Li , Nasim Ferdosian